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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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2a)D This action is FINAL. 2b)K This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 
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6) ^ Claim(s) 1-34 is/are rejected. 
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DETAILED ACTION 



1 . Claims 1-34 are pending in this office action. Claims 1-32 and the added of 
claims 33-34 are presented for examination. 



2. . The reference cited in the IDS, PTO-1449, Paper NO. 4, have been considered. 



3. Applicant's arguments with respect to claims 1-34 have been considered but are 
moot in view of the new ground(s) of rejection. 



4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 



5. Claims 1-10 and 28-32 are rejected under 35 U.S.C. 103(a) as being 
unpatentable Hirsh (US 6263339B1) in view of Kobayashi et al. (US 6275825B1). 



With respect to claims 1 and 28, Hirshch discloses Implementations of the editor 
includes one or more of the following. An attribute window is associated with each of 
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the graphical data elements. The attribute window is used to edit properties associated 
with a computer-implemented object having an object state and one or more interfaces 
providing access to the object state through a plurality of attributes, each of the 
attributes defined as a functional expression and reference able at run-time as a data 
value. The functional expression includes one or more of the following: a function; an 
operator; a database column name; a variable; and a constant. The attribute may be a 
static data value. The functional expression may be parsed to generate a function, 
which is stored as a run-time value. The function may be cloned and stored as a 
design time value if the function is a constant. Further, an error message may be 
displayed if the expression is invalid, (col. 2, lines 33-49) as step of defining at least 
one expression associated with at least one record of said database. Within the 
block 360, two functions are further specified. Traversing down the left branch of the 
tree, a VcSftnConcatenate function 362 is designated. VcSftnConcatenate 362 is 
responsible for evaluating the expression (firstjiame+" ") using its two member string 
functions, m_ftn1 and m_ftn2. Within the block 362 are two additional functions, a 
VcSftnLookup function 364, a string function responsible for looking up the current 
value of the identifier stored in nrwef ("firstjiame"), and a VcSftnConstant function 
370, a string function responsible for storing a constant string value, (col. 14, lines 57- 
67) as step of evaluating said at least one expression for said at least one record. 

Hirsch discloses in runtime mode, a viewpoints dialog box may be provided for 
navigating a world. Scenes allowing direct access may be displayed in the Scenes 
combobox. The viewpoints for the selected scene may be displayed in the Viewpoints 
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listbox, (col. 10, lines 55-59). However, Hirsch does not explicitly teach allowing 
access to said at least one record based on said evaluating of said at least one 
expression. Kobayashi discloses the item access right group information is displayed 
as the column caption of the table, while the record access right group information is 
displayed as the column caption of the table. A record access condition is written at an 
intersection of a matrix consisting of the row and column captions (step C6). In this 
case, each intersection area is divided into two parts so as to allow to set two different 
record access conditions. Each record access condition is described using a logic 
expression obtained by connecting a data item name to a condition value using a 
comparison operator (<, .Itoreq., =, .gtoreq., .noteq.). When a condition value is 
omitted, the condition value is given by the value unique to the user himself. That is, 
"department-' indicates that the user belongs to the same department. When a 
plurality of record access conditions are set in each intersection area, an AND 
condition is set in this area. For example, an intersection area "C1" (personnel staff, 
personnel department) having the item access right group code "C" and a record 
access right group code "1" indicates that the "user belongs to the same office 
location" but the "user is different from a person to be accessed (different employee 
No.)". Note that no record access condition is set in a meaningless area such as C2 
(personnel staff, general affairs department). Record access conditions are described 
in intersection areas by sequentially updating the row and column points. When the 
table is completely filled, the set contents are transferred to and stored and managed in 
the record access right management file RMF (step C7), (col. 7, lines 35-62) as step of 
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allowing access to said at least one record based on said evaluating of said at 
least one expression. Therefore, it would have been obvious to one of ordinary skill 
in the art at the time the invention was made to combine the teachings of Hirsch with 
the teaching of Kobayashi. By doing so, the system can maintains security in an open 
environment, (col. 1, lines 45-47). 

As to claim 2, Hirsch further discloses a method as recited in claim 1 , wherein 
said at least one expression is a calculation expression that can be evaluated at least 
partly based on a value of at least one field of said at least one record, (col. 17, lines 44- 
64). 

As to claim 3, Hirshch further discloses a method as recited in claim 1 , wherein 
said at least one expression is a calculation expression that can be evaluated at least 
partly based on at least one state variable of said database, (col. 17, lines 44-64). 

As to claims 4 and 29, Hirshch further discloses a method as recited in claim 1 , 
wherein said at least one expression can be defined based on fields and state variables 
of said database, and wherein said evaluating operates to return only one of two 
possible values, one of said possible values indicating that access to said at least one 
record should be granted, and the other one of said possible values indicating that 
access to said at least one record should be denied, (col. 2, lines 34-49). 
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As to claim 5, Hirsch further discloses wherein said evaluation is performed only 
when request to access said at least at one record has been received, (col. 2, lines 34- 
39). 

As to claim 6, Hirshch further discloses a method as recited in claim 1, wherein 
said defining of said at least one expression defines access privileges for a user of said 
database with respect to accessing one or more records of said database, (col. 2, lines 
34-49). 

As to claim 7, Hirshch further discloses a method as recited in claim 1 , wherein 
said defining of said at least one expression operates to define access privileges for a 
user of said database with respect to at least one operation that can be performed on 
one or more records of said database, (col. 2, lines 34-49). 

As to claims 8 and 30, Hirshch further discloses a method as recited in claim 1, 
wherein said defining of said expression defines access privileges for at least one user 
of said database with respect to access to one or more records in said database, (col. 3, 
lines 18-34), and wherein said defining of said expression operates to define access 
privileges with respect to at least one operation that may be requested to be performed 
by said at least one user on one or more records of said database, (col. 3, lines 18-34). 

As to claims 9 and 31 , Hirsch further discloses the functional expression includes 
one or more of the following: a function; an operator; a database column name; a 
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variable; and a constant. However, Hirsch does not teach at least one user is 
assigned a password that is associated with said expression. Kobayashi teaches 
the user access right management file UMF stores and manages "login ID", "item 
access right group code", and "record access right group code" in units of users, (col. 
5, lines 24-27). When an arbitrary login ID and password are input in accessing the 
employee information file, the application execution control refers to the user DB 
access right file UAF to determine a user group to which the user belong, (col. 5, lines 
52-55). Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to the teachings of Hirsch with the teaching of Kobayashi. 
By doing so, the system can maintains security in an open environment, (col. 1, lines 
45-47). 

As to claim 10, Hirshch further discloses wherein access to said at least one 
record can be for browsing, editing, or deleting of said at least one record, (col. 7, lines 
7-19). 

6. Claims11-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ananda (US 6385731 B2) in view of Schaefer et al. (US 5826268). 

With respect to claim 1 1 , Ananda discloses a method of controlling access to 
records stored in a database, said method comprising: identifying a password that is 
associated with one or more users of said database, (col. 3, lines 19-34); receiving a 
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request to perform said at least one operation on one or more records of said database, 
said request being identified as a request made by said one or more users associated 
with said password, (col. 3, lines 19-34); evaluating said calculation expression when 
said request has been received, (col. 3, lines 19-34); said evaluation returning only one 
of two possible values, one of said to possible values indicating that said at least one 
operation should be granted and another one of said possible values indicating that said 
at least one operation should be denied, (col. 3, lines 19-34); granting said at least one 
operation to be performed when said evaluation returns one said possible value to 
Indicate that said at least one operation should be granted, (col. 3, lines 19-34) ; and 
denying said at least one operation to be performed when said evaluation returns one 
said another possible value to indicate that said at least one operation should be 
denied, (col. 3, lines 19-34). 

Ananda does not clearly disclose "defining a calculation expression for said 
identified password, said calculation expression defining access privileges of said one 
or more users with respect to at least one operation that may be requested to be 
performed by said one or more users on one or more records of said database." 

However, Schaefer shows the record on "James Bond" may be visible at level U, 
and at level U we can see a set of "MI-6 employee". However, the fact the Bond works 
for MI-6 is a member of the employee set, should be visible only at level S or above. 
The fact that Bond is infiltrating may be classified T so that the Bond record appears in 
both set. Such invisible super types help to preserve data confidential, (col. 10, lines 3- 
15). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to employ the teaching of Ananda with the teaching of 
Schaefer because many databases containing sensitive data are likely to be accessible 
through a computer network or internet work, thereby exposing those databases to 
entities which may attempt to comprise the confidential of the sensitive data. 

As to claim 12, Anna further discloses wherein said at least one operation can 
be a browse, and edit, or a delete operation, (col. 28, lines 8-18) 

As to claim 13, Ananda further discloses wherein said calculation expression is 
not explicitly defined for said at least one operation but said calculation expression is 
one that has been defined for another operation which has been considered as a 
related operation to said at least one operation, (col. 3, lines 19-34). 

As to claim 14, Ananda further discloses a method as recited in claim 1 1 , 
wherein said calculation expression can be evaluated at least partly based on a value of 
at least one field of said at least one record, and wherein said calculation expression 
can be evaluated at least partly based on at least one state variable of said database, 
(col. 3, lines 19-34). 
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As to claim 15, Ananda does not teach "a method as recited in claim 14, wherein 
said method further comprises: granting temporary or limited access to said at least one 
record to allow said evaluating of said calculation expression." 

However, Schaefer shows the record on "James Bond" may be visible at level U, 
and at level U we can see a set of "MI-6 employee". However, the fact the Bond works 
for MI-6 is a member of the employee set, should be visible only at level S or above. 
The fact that Bond is infiltrating may be classified T so that the Bond record appears in 
both set. Such invisible super types help to preserve data confidential, (col. 10, lines 3- 
15). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to employ the teaching of Ananda with the teaching of 
Schaefer because password protection and access lists of user having permission to 
access a particular piece of data my be employed to prevent unauthorized retrieval of 
the sensitive data. 

7. Claim16-27 and 33-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Leong (US 6434552B1 ) in view of Couch et al. (US 6493700B2). 

With respect to claims 16 and 33, the applications 208, 210 and 212 maintain 
their respective information in data stores such as files (not shown) or databases 214, 
216 and 218 that reside in a readable and writ able portion 220 of the memory 106. 
Each related group of data, for example, a name, an address and a telephone number, 
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is stored in a database as a record. The individual pieces of information in the record, 
that is, the name, address and telephone number are known as fields. A database 
contains many instances of each record type. It is important to distinguish between a 
type and an instance of both a record and a field. For example, an instance of a 
contacts record type in the contacts database 218 consists of an instance of each of 
the following field types: name, address, telephone number and email address. As a 
further example, the name "John Smith" is an instance of the name field type. It is a 
common practice to drop the qualifiers "type" and "instance" (for both records and 
fields), and to rely on context to indicate which of the two is meant. The description 
that follows adopts this common practice, (col. 4, lines 44-67) as step of a database 
having one or more records stored therein. If the Continue Find button 612 is 
activated, the operation follows the path of an arrow 312 in FIG. 3 to a RESULT state 
306. The sequence also proceeds to a SEARCH DATABASES step 412. In this step, 
the application searches each of the marked databases in the Confirmation GUI screen 
600 for records meeting the other search conditions. In a database such as the 
Contacts database, a record is deemed to meet the other search conditions if it 
contains the search text. Such a record does not contain any time information and the 
date conditions are therefore of no relevance when retrieving records in that database. 
However in another database such as the Calendar database, a record is deemed to 
have met the other search conditions if it contains the search text and has a date which 
falls between the From and To dates of the search conditions, (col. 7, lines 37-52), 
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Leong discloses the screen 800 allows a user to access all the fields of the 
particular record. One way to allow access to the record is for the search application 
213 to be given read and write permissions to the databases so that a user can access 
the databases using the search application directly. Another way is for the search 
application to invoke the appropriate application and for the user to use the appropriate 
application to subsequently access the databases, (col. 7, lines 42-49). However, 
Leong does not explicitly teach wherein said Graphical User Interface operates to 
facilitate defining access privileges with respect to said one or more records 
stored in said database. Couch teaches under the present invention, the explain 
table qualifier designation module 100, preferably in conjunction with the GUI 66, 
allows the user to designate any explain table 51 that the user wishes to reference, so 
long as the user has the required privileges. Once the user selects a desired qualifier 
102 corresponding to is a selected explain table 51 , a privilege module 106 preferably 
makes the determination whether or not the user has the required privileges to access 
the selected explain tables 51. In the depicted embodiment, the qualifier module is 
shown as a component of the explain table qualifier designation module 100, and while 
the qualifier module 102 is preferably linked thereto, it does not have to be part of the 
explain table qualifier designation module 100, (col. 9, lines 52-65) as step of wherein 
said Graphical User Interface operates to facilitate defining access privileges 
with respect to said one or more records stored in said database. Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made to combine the teachings of Leong with the teaching of Couch. By doing so, the 
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relational database management system minimizes the computer time and resource 
(i.e. cost) for executing the query, (col. 1, lines 56-58). 

As to claim 17, Leong further discloses a database system as recited in claim 16, 
wherein said Graphical User Interface operates to provide the ability for a user of said 
database to define an expression associated with at least one operation that may be 
requested to be performed by another user of said database on said one or more 
records stored in said database, (col. 8, lines 32-49). 

As to claim 18, Leong further discloses a database system as recited in claim 16, 
wherein said Graphical User Interface operates to provide the ability for a user to define 
said expression without requiring said user to write a programming script, (col. 8, lines 
32-49). 

As to claim 19, Leong further discloses the screen 800 allows a user to access all 
the fields of the particular record. One way to allow access to the record is for the 
search application 213 to be given read and write permissions to the databases so that 
a user can access the databases using the search application directly. Another way is 
for the search application to invoke the appropriate application and for the user to use 
the appropriate application to subsequently access the databases, (col. 7, lines 42-49). 
However, Leong does not explicitly teach wherein said Graphical User Interface 
provides a window that allows a user to interact with said Graphical User 
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Interface to identify a password for which access privileges may be define or re- 
defined. Couch teaches under the present invention, the explain table qualifier 
designation module 100, preferably in conjunction with the GUI 66, allows the user to 
designate any explain table 51 that the user wishes to reference, so long as the user 
has the required privileges. Once the user selects a desired qualifier 102 
corresponding to is a selected explain table 51, a privilege module 106 preferably 
makes the determination whether or not the user has the required privileges to access 
the selected explain tables 51 . In the depicted embodiment, the qualifier module is 
shown as a component of the explain table qualifier designation module 100, and while 
the qualifier module 102 is preferably linked thereto, it does not have to be part of the 
explain table qualifier designation module 100, (col. 9, lines 52-65) as step of wherein 
said Graphical User Interface provides a window that allows a user to interact 
with said Graphical User Interface to identify a password for which access 
privileges may be define or re-defined. Therefore, it would have been obvious to 
one of ordinary skill in the art at the time the invention was made to combine the 
teachings of Leong with the teaching of Couch. By doing so, the relational database 
management system minimizes the computer time and resource (i.e. cost) for 
executing the query, (col. 1, lines 56-58). 

As to claim 20, Couch further discloses a database system as recited in claim 19, 
wherein said Graphical User Interface further provides a window that allows a user to 
specify a calculation expression which defines access privileges with respect to at least 
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one operation that may be requested to be performed on said one or more records, (col. 
9, lines 52-65). 

As to claims 21 and 26, Leong further discloses a database system as recited in 
claim 20, wherein said at least one operation can be a browse, edit, or a delete 
operation, (col. 9, lines 10-35). 

As to claim 22, Leong further discloses a database system as recited in claim 20, 
wherein said calculation expression can be evaluated at least partly based on a value in 
at least one field of said one or more records of said database, and wherein said 
calculation expression can be evaluated at least partly based on at least one state 
variable of said database, (col. 9, lines 10-35). 

As to claim 23, Leong further discloses a database system as recited in claim 16, 
wherein said database program operates to determine whether access to at least one of 
said one or more records should be granted or denied, (col. 8, lines 33-49). 

As to claim 24, Leong further discloses a database system as recited in claim 23, 
wherein said determining of whether access to said at least one record should be 
granted or denied is performed by evaluating a calculation expression for said at least 
one of said one record, (col. 9, lines 10-35). 
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As to claim 25, Leong further discloses a database system as recited in claim 24, 
wherein access to said at least one record is granted only when said determining 
determines that access should be granted, and wherein access to said at least one 
record is denied when said determining determines that access should be denied for 
said record, (col. 8, lines 33-49). 

As to claim 27, Leong further discloses a database system as recited in claim 24, 
wherein said database system further comprises a cache, and wherein said cache 
operates to store an evaluated result of at least one calculation expression, (col. 9, lines 
10-35). 

As to claim 34, Leong further discloses said Graphical User Interface further 
operates to evaluate said expression in order to determine whether access to said at 
least one record should be granted, (col. 8, lines 33-49). 
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Contact Information 



8. Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, D.C. 20231 

Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to Tarn V Nguyen whose telephone number 
is (703) 305-3735. The examiner can normally be reached on 7:30AM-5: 00PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Yen Vu can be reached on (703) 305-4393. The fax phone numbers for 
the organization where this application or proceeding is assigned are (703) 746-7239 for 
formal communications and (703) 746-7240 for informal communications. 

Hand-delivered responses should be brought to Crystal Park II, 2121 Crystal 
Drive, Arlington, Virginia 22202. Fourth Floor (Receptionist). 

9. Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 
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